Branch sisyphus_mipsel update bulletin.

Package make-initrd updated to version 2.31.0-alt2 for branch sisyphus_mipsel.

Не работает поддержка /etc/crypttab в luks

Package autofs updated to version 5.1.8-alt5 for branch sisyphus_mipsel.

autofs-ldap: при установке ломаются права на /etc/autofs_ldap_auth.conf

Package arj updated to version 3.10.22-alt8 for branch sisyphus_mipsel.

Published: 2015-04-08
Modified: 2025-04-12

CVE-2015-0556

Open-source ARJ archiver 3.10.22 allows remote attackers to conduct directory traversal attacks via a symlink attack in an ARJ archive.

Severity: MEDIUM (5.8) Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P

References:

Published: 2015-04-08
Modified: 2025-04-12

CVE-2015-0557

Open-source ARJ archiver 3.10.22 does not properly remove leading slashes from paths, which allows remote attackers to conduct absolute path traversal attacks and write to arbitrary files via multiple leading slashes in a path in an ARJ archive.

Severity: MEDIUM (5.8) Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P

References:

Published: 2015-04-08
Modified: 2025-04-12

CVE-2015-2782

Buffer overflow in Open-source ARJ archiver 3.10.22 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ARJ archive.

Severity: HIGH (7.5) Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Version: 2.1.2

Branch sisyphus_mipsel update on 2022-10-20

ALT-BU-2022-6733-1

ALT-PU-2022-6730-1

Closed bugs

Bug #44073

ALT-PU-2022-6731-1

Closed bugs

Bug #44091

ALT-PU-2022-6732-1

Closed vulnerabilities

CVE-2015-0556

CVE-2015-0557

CVE-2015-2782